Security Basics mailing list archives
RE: Honeypot Server
From: "Brett Kennedy" <Brett.Kennedy () caseware com>
Date: Thu, 17 Jan 2008 13:12:09 -0500
Depending on the purpose of the honeypot, most likey you want an environment as similar as possible to the real environment you wish to simulate with the honeypot. This would let you study the attacks on the honeypot in the most meaningful way. You'd also want software then to monitor tcp traffic, changes to the local drive and so on. These could be standard software used for these purposes, such as mod_security, tripwire etc., and not necessarily honeypot-specific. Brett -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Gleb Paharenko Sent: January 17, 2008 12:48 PM To: m.farid.shawara () gmail com Cc: security-basics () securityfocus com Subject: Re: Honeypot Server Dear Farid. Though I have not practical experience with honeypots yet. I suggest you a good resource: honeynet.org Also you should determine the needs of your honeypot (just get attempts to connect, or research what malicious atacker is doing), and select an appropriated solution, it can be a whole honeypot infrastructure. Honeynet claims that their live cd is fine: https://projects.honeynet.org/honeywall/ 2008/1/17, m.farid.shawara () gmail com <m.farid.shawara () gmail com>:
Dear All : Can you advise what is the best honeypot server available Open-source or commercial - it doesn't matter as long as it will be
easy to
administrate and easy to monitor and alerted ... Mohamed Farid ...
-- Best regards. Gleb Pakharenko. http://gpaharenko.livejournal.com -- Click the link below to report this message as spam to Caseware E-Mail Security Server ESVA. http://esva1.caseware.com/cgi-bin/learn-msg.cgi?id=4B7621ED254.49828
Current thread:
- Honeypot Server m.farid.shawara (Jan 17)
- Re: Honeypot Server Gleb Paharenko (Jan 17)
- RE: Honeypot Server Brett Kennedy (Jan 17)
- RE: Honeypot Server Timmothy Lester (Jan 17)
- Message not available
- RE: Honeypot Server m.farid.shawara (Jan 18)
- RE: Honeypot Server Timmothy Lester (Jan 18)
- Logging Krzyston, Randy (Jan 18)
- RE: Logging Robert D. Holtz - Lists (Jan 18)
- RE: Logging Scott Williamson (Jan 18)
- RE: Logging Lee Hilt (Jan 18)
- RE: Logging Petter Bruland (Jan 19)
- Re: Logging infolookup (Jan 19)
- RE: Logging Bugtraq (Jan 21)
- RE: Honeypot Server m.farid.shawara (Jan 18)
- Re: Honeypot Server Gleb Paharenko (Jan 17)